[kernel-sec-discuss] r534 - patch-tracking
Dann Frazier
dannf at costa.debian.org
Mon Aug 14 03:06:54 UTC 2006
Author: dannf
Date: 2006-08-14 03:06:54 +0000 (Mon, 14 Aug 2006)
New Revision: 534
Modified:
patch-tracking/CVE-2006-3634
Log:
add description, notes & debian status
Ubuntu folks: This can be retired as far as Debian is concerned
Modified: patch-tracking/CVE-2006-3634
===================================================================
--- patch-tracking/CVE-2006-3634 2006-08-14 02:34:41 UTC (rev 533)
+++ patch-tracking/CVE-2006-3634 2006-08-14 03:06:54 UTC (rev 534)
@@ -3,16 +3,20 @@
http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=bafe00cc9297ca77b66e5c83e5e65e17c0c997c8
http://www.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=13492c50f69bdf60a42debc6bd3ec49cc1dc941e
Description:
- s390 atomic futex crash
+ The (1) __futex_atomic_op and (2) futex_atomic_cmpxchg_inatomic functions in
+ Linux kernel 2.6.17-rc4 to 2.6.18-rc2 performs the atomic futex operation
+ with user space addresses instead of kernel space addresses, which allows
+ local users to cause a denial of service (crash).
Ubuntu-Description:
Notes:
+ dannf> s390 didn't have a futex.h until after 2.6.16
Bugs:
upstream: released (2.6.18-rc2)
-linux-2.6.16:
-linux-2.6:
-2.6.8-sarge-security:
-2.4.27-sarge-security:
+linux-2.6.16: N/A
+linux-2.6: released (2.6.17-1)
+2.6.8-sarge-security: N/A
+2.4.27-sarge-security: N/A
2.6.10-hoary-security: N/A
2.6.12-breezy-security: N/A
2.6.15-dapper-security: N/A
-2.6.17-edgy: ignore
+2.6.17-edgy: ignored
More information about the kernel-sec-discuss
mailing list